<?php
require_once('config.inc.php');

session_start();

$url_action = (empty($_REQUEST['action'])) ? 'logIn' : $_REQUEST['action'];
$auth_realm = (isset($auth_realm)) ? $auth_realm : '';

if (isset($url_action)) {
    if (is_callable($url_action)) {
        call_user_func($url_action);
    } else {
        echo 'Function does not exist, request terminated';
    };
};

function logIn() {
    global $auth_realm;

    if (!isset($_SESSION['username'])) {
        if (!isset($_SESSION['login'])) {
            $_SESSION['login'] = TRUE;
            header('WWW-Authenticate: Basic realm="'.$auth_realm.'"');
            header('HTTP/1.0 401 Unauthorized');
            echo 'You must enter a valid login and password';
            echo '<p><a href="?action=logOut">Try again</a></p>';
            exit;
        } else {
            $user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
            $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
            if(AUTH_METHOD == 'Basic'){
            $result = authenticate($user, $password);
            }  
            if (AUTH_METHOD == 'LDAP') {
                $result = authenticate_LDAP($user,$password);
            }
            if ($result == 0) {
                $_SESSION['username'] = $user;
            } else {
                session_unset($_SESSION['login']);
                errMes($result);
                echo '<p><a href="">Try again</a></p>';
                exit;
            };
        };
    };
}

function authenticate($user, $password) {
    global $_user_;
    global $_password_;
  
    if (($user == $_user_)&&($password == $_password_)&&(AUTH_METHOD == 'Basic'))   { return 0; }
    else { return 1; };

}

function authenticate_LDAP($user,$password){

    $ds=ldap_connect(LDAP_SERVER);
    if ($ds) { 
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    if (!ldap_set_option($ds, LDAP_OPT_REFERRALS, 0)) { 
    exit('Failed to set opt referrals to 0'); 
} 
    //echo "Binding ..."; 
    $r=@ldap_bind($ds,$user.DOMAIN_SUFFIX,$password);   
 
    if(!$r){
        echo "Unable to bind to LDAP server<BR>";
    }

   // echo "Bind result is " . $r . "<br />";

 //   echo "Searching for (sn=glosappio) ...";
    $cn = "samaccountname=".$user;
    // Search surname entry
    $sr=@ldap_search($ds, DN , $cn);  
  //  echo "Search result is " . $sr . "<br />";
    

 //   echo "Closing connection";
    ldap_close($ds);

} else {
    echo "<h4>Unable to connect to LDAP server</h4>";
}
if($sr != FALSE){ return 0; } else { return 1; }
}

function errMes($errno) {
    switch ($errno) {
        case 0:
            break;
        case 1:
            echo 'The username or password you entered is incorrect';
            break;
        default:
            echo 'Unknown error';
    };
}

function logOut() {

    session_destroy();
    if (isset($_SESSION['username'])) {
        session_unset($_SESSION['username']);
        echo "You've successfully logged out<br>";
        echo '<p><a href="?action=logIn">LogIn</a></p>';
    } else {
        header("Location: ?action=logIn", TRUE, 301);
    };
    if (isset($_SESSION['login'])) { session_unset($_SESSION['login']); };
    exit;
}
?>
